| Environment | Branch | URLS | CI | Documentation |
|---|---|---|---|---|
| Development | develop | https://admin-api.playola.fm https://admin.playola.fm |
 |
Docs |
- Install Docker
- Create .env files in the following locations:
./server/.env-- example file at./server/.env-example
- Running the following command from the root should install all containers and connect them together.
docker-compose up
- the server will be up and running at https://127.0.0.1:10020. After it's running you can use the healthcheck endpoint to make sure: http://localhost:10020/v1/healthcheck
Authorization is performed with a json web token in the header of requests under Authorization: Bearer <token>. To obtain a bearer token, sign in with one of the following methods:
Clients can authorize via the Spotify Authorization Code Flow.
- Client sends a GET request to
/v1/auth/spotify/web/authorize(for web clients) or/v1/auth/spotify/mobile/authorize(for mobile clients). - The server redirects this to spotify, but replaces the client's
redirect_uriwith the server'sredirect_uriin order to intercept the token and store it. - After the user signs in to spotify, they are redirected back to
/v1/auth/spotify/web/codeor/v1/auth/spotify/mobile/codewith a newcodetoken from spotify. - The server exchanges this code for an accessToken and refreshToken and finds or creates a spotifyUser and a User.
- The server adds a json web token that can be used for playola authorization under
playolaTokenand redirects the user to the original client redirect_uri. - The client can authenticate with playola using the
playolaTokenas a Bearer token. It can make spotify requests through the playola server or it can exchange thecodedirectly with spotify for an auth token and refresh token. - When the client's spotify accessToken expires, it can swap the refreshToken for a new one at
/v1/auth/spotify/swap.
When a user is created, it fires a USER_CREATED event. A worker picks up this event and asks spotify for all songs related to the user.